<?php

//Uploads a document into upload table.

require_once 'config.php';
include("include/session.php");



$query1 = "SELECT name, type, size FROM upload";

$result1 = mysql_query($query1);
if (!$result1) die ("Database access failed: " . mysql_error());
$rows = mysql_num_rows($result1);

//echo "<table><tr> <th>name</th> <th>type</th>
//	<th>size</th></tr>";

for ($j = 0 ; $j < $rows ; ++$j)
{
	$row = mysql_fetch_row($result1);
	//echo "<tr>";
	//for ($k = 0 ; $k < 2 ; ++$k) //echo "<td>$row[$k]</td>";
	//echo "</tr>";
}

//echo "</table>";

if(isset($_POST['upload']) && $_FILES['userfile']['size'] > 0)
 {
	$fileName = $_FILES['userfile']['name'];
	$tmpName  = $_FILES['userfile']['tmp_name'];
	$fileSize = $_FILES['userfile']['size'];
	$fileType = $_FILES['userfile']['type'];

	$fp      = fopen($tmpName, 'r');
	$content = fread($fp, filesize($tmpName));
	$content = addslashes($content);
	fclose($fp);

	if(!get_magic_quotes_gpc())
	{
	    $fileName = addslashes($fileName);
	}

	require_once 'config.php';
	
	$userid = $session->userid;
	$seeker_id_query = "SELECT seeker_id FROM wms_seeker WHERE userid = '".$userid."'";
	$seeker_id_resource = mysql_query($seeker_id_query);
	if(!$seeker_id_resource) die ("Database access failed: " . mysql_error());
	$seeker_id = mysql_fetch_array($seeker_id_resource);

	//ECHO "$userid   Seeker_ID: $seeker_id[0]";
	
	
	$query2 = "INSERT INTO upload (fk_seeker_id, name, size, type, content ) ".
	"VALUES ('$seeker_id[0]', '$fileName', '$fileSize', '$fileType', '$content')";
	
	$result2 = mysql_query($query2);
	if(!$result2) die ("Database access failed: " . mysql_error());

	//echo "<br>File $fileName uploaded<br>";
	
	header("Location: documents.php");
 }
 mysql_close($db_server);
 
?>
